Run Ansible playbook on mac1.metal instances fleet with AWS Systems Manager

In days of containers and serverless applications, Ansible looks not such a trendy thing. But still, there are cases when it helps, and there are cases when it combines very well with brand new product offerings, such as EC2 Mac instances. The more I use mac1.metal in AWS, the more I see that Ansible becomes a bedrock of software customization in my case. And when you have a large instances fleet, the AWS Systems Manager becomes your best friend (the sooner you get along together, the better)....

May 27, 2021 · Serhii Vasylenko

Customizing mac1.metal EC2 AMI — new guts, more glory

I guess macOS was designed for a user, not for the ops or engineers, so this is why its customization and usage for CI/CD are not trivial (compared to something Linux-based). A smart guess, huh? Configuration Management Native Apple’s Mobile device management (a.k.a MDM) and Jamf is probably the most potent combination for macOS configuration. But as much as it’s mighty, it is a cumbersome combination, and Jamf is not free....

February 1, 2021 · Serhii Vasylenko

Manage Ansible playbook secrets with AWS services

Lookup plugins for Ansible allow you to do a lot of cool things. One of them is to securely pass sensitive information to your playbooks. If you manage some apps in AWS with Ansible, then using Parameter Store or Secrets Manager along with it might greatly improve your security. Variables with SSM Parameter Store Let’s say you have some variables defined in ‘defaults/main.yaml’ file of your role or maybe in group_vars....

August 6, 2020 · Serhii Vasylenko